Remove a error message that was only there to help people upgrading
*incorrectly* from 3.5 or earlier.

Fix variable name in selectNamespaces

Fix a comment "file" -> "function".

We need to validate port.Protocol even though validation also checks
it, because in theory we could be out of sync with upstream.

We don't need a FIXME for named ports because there's a bug open about
it.

We don't need to validate that ports are in range because that got
fixed upstream a long time ago.

The previous code was not entirely correct in the event that Namespace
and NetNamespace events got processed out of order. Fix that by
tracking the events in a more unified way. (This is also needed for
the upcoming cache rewrite.)

Also, get rid of some unnecessary cache flushes:

  - We don't need to flush the cache on a Namespace update where the
    labels didn't change.

  - We only need to flush the cache on either AddNamespace or
    AddNetNamespace, whichever comes last.

  - We don't need to flush the cache (or regenerate OVS flows) on
    DeleteNamespace or DeleteNetNamespace, because the extra entries
    are harmless until the name/VNID is reused, and the cache will be
    flushed if that happens.

Add a new subtest to confirm that we handle Namespace deletion
correctly.

Rather than flushing the entire cache every time a Namespace is added,
just add or remove cache entries as needed for the new Namespace.

To ensure that the cache doesn't grow without bounds, flush the cache
entry for a particular LabelSelector if *any* policy including that
LabelSelector is deleted.

Add tests for the new behavior.